tree-optimization/105969 - FPE with array diagnostics

For a [0][0] array we have to be careful when dividing by the element size which is zero for the outermost dimension. Luckily the division is only for an overflow check which is pointless for array size zero. 2022-06-15 Richard Biener <rguenther@suse.de> PR tree-optimization/105969 * gimple-ssa-sprintf.cc (get_origin_and_offset_r): Avoid division by zero in overflow check. * gcc.dg/pr105969.c: New testcase.
2022-06-15 10:54:48 +02:00 · 2022-06-15 10:54:48 +02:00 · edb9330c29
parent f4c3ce32fa
commit edb9330c29
2 changed files with 14 additions and 1 deletions
--- a/gcc/gimple-ssa-sprintf.cc
+++ b/gcc/gimple-ssa-sprintf.cc
@ -2319,7 +2319,7 @@ get_origin_and_offset_r (tree x, HOST_WIDE_INT *fldoff, HOST_WIDE_INT *fldsize,

 	if (byteoff < HOST_WIDE_INT_MAX
 	    && elbytes < HOST_WIDE_INT_MAX
-	    && byteoff / elbytes == idx)
+	    && (elbytes == 0 || byteoff / elbytes == idx))
 	  {
 	    /* For in-bounds constant offsets into constant-sized arrays
 	       bump up *OFF, and for what's likely arrays or structs of
--- a/gcc/testsuite/gcc.dg/pr105969.c
+++ b/gcc/testsuite/gcc.dg/pr105969.c
@ -0,0 +1,13 @@
+/* { dg-do compile } */
+/* { dg-options "-Wall" } */
+
+struct A
+{
+  char a[0][0][0];
+};
+extern struct A b[][2];
+void f (void)
+{
+  __builtin_sprintf (b[0][0].a[1][0], "%s", b[0][0].a[1][0]); /* { dg-warning "past the end" } */
+  /* { dg-warning "overlaps destination" "" { target *-*-* } .-1 } */
+}